5-minute tutorial with SQLite doesn't work

[jarimayenburg]

Preflight checklist

• [X] I could not find a solution in the existing issues, docs, nor discussions.
• [X] I agree to follow this project's Code of Conduct.
• [X] I have read and am following this repository's Contribution Guidelines.
• [ ] This issue affects my Ory Cloud project.
• [ ] I have joined the Ory Community Slack.
• [ ] I am signed up to the Ory Security Patch Newsletter.

Describe the bug

I'm trying to run Hydra by following the 5-minute tutorial with SQLite. The hydra migrate sql command fails with the given error.

I think this is caused by the fact that the mounted folder is owned by root and therefore not readable or writable for the ory user.

Reproducing the bug

Follow the steps in the 5-minute tutorial:

1. Clone the repo (this error happens on both the latest version of master and on v1.11.7
2. Run docker-compose -f quickstart.yml up --build

Relevant log output

time=2022-03-27T17:56:08Z level=info msg=No tracer configured - skipping tracing setup audience=application service_name=Ory Hydra service_version=v1.11.6
The following migration is planned:

Could not get the migration status:
unable to open database file: no such file or directory
problem with migration
github.com/ory/x/popx.(*Migrator).Status
        /go/pkg/mod/github.com/ory/x@v0.0.344/popx/migrator.go:468
github.com/ory/hydra/persistence/sql.(*Persister).MigrationStatus
        /project/persistence/sql/persister_migration.go:24
github.com/ory/hydra/cmd/cli.(*MigrateHandler).MigrateSQL
        /project/cmd/cli/handler_migrate.go:89
github.com/spf13/cobra.(*Command).execute
        /go/pkg/mod/github.com/spf13/cobra@v1.3.0/command.go:860
github.com/spf13/cobra.(*Command).ExecuteC

Relevant configuration

No response

Version

master and v1.11.7

On which operating system are you observing this issue?

Linux

In which environment are you deploying?

Docker Compose

Additional Context

No response

[jarimayenburg]

The workaround that works for me is currently this:

services:
  hydra:
    user: root
    image: oryd/hydra:v1.11.7
    entrypoint: ""
    command: >
      /bin/sh -c "
      chown -R ory:ory /var/lib/sqlite && \
      su ory -s /bin/sh && \
      /usr/bin/hydra migrate -c /etc/config/hydra/hydra.yml sql -e -y && \
      /usr/bin/hydra serve -c /etc/config/hydra/hydra.yml all --dangerous-force-http"

[Empyreans]

I tweaked your workaround a little and got it to work for me.

It seems that for the current images, hydra/.docker/Dockerfile-scratch is used, whereas back then, images like oryd/hydra:v1.10.7-sqlite used hydra/.docker/Dockerfile-sqlite, which took care of this problem:

# By creating the sqlite folder as the ory user, the mounted volume will be owned by ory:ory, which
# is required for read/write of SQLite.
RUN mkdir -p /var/lib/sqlite && \
    chown ory:ory /var/lib/sqlite

I think you can build your own image if you don't want to implement the workaround.

[aeneasr]

Thank you, great find!

[aeneasr]

fixed in v2

[vanpelt]

This shouldn't be closed. Anyone that's trying this repo from a Mac (atleast) and running the following:

git clone https://github.com/ory/hydra.git
docker-compose -f quickstart.yml up --build

Is completely stuck and and unable to try the application. Endless errors occur:

hydra-hydra-1          | time=2022-08-03T00:13:45Z level=info msg=Retrying in 0.100000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra-hydra-migrate-1  | time=2022-08-03T00:13:45Z level=info msg=Retrying in 0.400000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra-hydra-1          | time=2022-08-03T00:13:45Z level=info msg=Retrying in 0.200000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra-hydra-1          | time=2022-08-03T00:13:45Z level=info msg=Retrying in 0.400000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra-hydra-migrate-1  | time=2022-08-03T00:13:45Z level=info msg=Retrying in 0.800000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra-hydra-1          | time=2022-08-03T00:13:46Z level=info msg=Retrying in 0.800000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9

I tried running this from the v2.x branch and it's also broken there (maybe there's a cache issue?). Anyway, this is a really bad onboarding experience that should probably be fixed ASAP.

[vanpelt]

For anyone finding this, I ended up running:

docker-compose -f quickstart.yml down
git fetch origin
git checkout v2.x
docker-compose -f quickstart.yml up

Which resulted in:

hydra-hydra-1          | Error: unknown flag: --dev
hydra-hydra-1          | unknown flag: --dev

So I modified quickstart.yml and replace --dev with --dangerous-force-http. This resulted in me getting the same message:unable to open database file errors. I then decided to run the quick start with MySQL:

docker-compose -f quickstart.yml -f quickstart-mysql.yml up --build 

This blew up on my mac because the default mysql image doesn't support arm64. So I updated the quickstart-mysql.yml file to point to mysql:8.0-oracle instead of mysql:8.0.26 and it finally ran.

[MatteoGioioso]

Same bug on Ubuntu 20.04.4 LTS and oryd/hydra:v1.11.9.

The workaround worked with a little tweak

[mbana]

Same issue here with SQLite:

$ docker-compose up --build --force-recreate --always-recreate-deps --abort-on-container-exit --renew-anon-volumes
Recreating hydra_hydra-migrate_1 ... done
Recreating hydra_consent_1       ... done
Recreating hydra_hydra_1         ... done
Attaching to hydra_consent_1, hydra_hydra-migrate_1, hydra_hydra_1
consent_1        | 
consent_1        | > hydra-login-consent-logout@0.0.0 serve /usr/src/app
consent_1        | > node lib/app.js
consent_1        | 
consent_1        | Listening on http://0.0.0.0:3000
hydra-migrate_1  | time=2022-08-19T17:48:43Z level=info msg=No tracer configured - skipping tracing setup audience=application service_name=Ory Hydra service_version=v1.11.9
hydra-migrate_1  | time=2022-08-19T17:48:43Z level=info msg=Retrying in 0.100000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra-migrate_1  | time=2022-08-19T17:48:43Z level=info msg=Retrying in 0.200000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra-migrate_1  | time=2022-08-19T17:48:43Z level=info msg=Retrying in 0.400000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra_1          | time=2022-08-19T17:48:43Z level=info msg=No tracer configured - skipping tracing setup audience=application service_name=Ory Hydra service_version=v1.11.9
hydra_1          | time=2022-08-19T17:48:43Z level=info msg=Retrying in 0.100000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra_1          | time=2022-08-19T17:48:43Z level=info msg=Retrying in 0.200000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra_1          | time=2022-08-19T17:48:43Z level=info msg=Retrying in 0.400000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra-migrate_1  | time=2022-08-19T17:48:43Z level=info msg=Retrying in 0.800000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra_1          | time=2022-08-19T17:48:44Z level=info msg=Retrying in 0.800000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra-migrate_1  | time=2022-08-19T17:48:44Z level=info msg=Retrying in 1.600000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra_1          | time=2022-08-19T17:48:44Z level=info msg=Retrying in 1.600000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra-migrate_1  | time=2022-08-19T17:48:46Z level=info msg=Retrying in 3.200000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
hydra_1          | time=2022-08-19T17:48:46Z level=info msg=Retrying in 3.200000 seconds... audience=application error=map[message:unable to open database file: no such file or directory] service_name=Ory Hydra service_version=v1.11.9
^CGracefully stopping... (press Ctrl+C again to force)
Stopping hydra_hydra_1           ... done
Stopping hydra_hydra-migrate_1   ... done
Stopping hydra_consent_1         ... done

[boutros]

Same problem here, workaround does not work either. I'm on Linux using image oryd/hydra:v1.11.10

[fuomag9]

Same issue here, QuickStart does not work due to unknown flag: --dev

[renard]

Same here. Error message is pretty clear:

hydra-migrate_1  | time=2022-09-27T20:07:01Z level=warning msg=Migrator: unable to dump schema audience=application error=map[message:exec: "sqlite3": executable file not found in $PATH] service_name=ORY Hydra service_version=v1.10.7
hydra-migrate_1  | Successfully applied migrations!

This is because sqlite3 is not installed:

$ docker-compose -f quickstart.yml run --entrypoint /bin/sh hydra-migrate
Creating ory_hydra-migrate_run ... done
~ $ sqlite3
/bin/sh: sqlite3: not found
~ $

Solution is to install sqlite package:

Creating ory_hydra-migrate_run ... done
/home/ory # apk update
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/main/x86_64/APKINDEX.tar.gz
fetch https://dl-cdn.alpinelinux.org/alpine/v3.14/community/x86_64/APKINDEX.tar.gz
v3.14.8-39-g5f6acafe11 [https://dl-cdn.alpinelinux.org/alpine/v3.14/main]
v3.14.8-35-g97a74a18d1 [https://dl-cdn.alpinelinux.org/alpine/v3.14/community]
OK: 14968 distinct packages available
/home/ory # apk add sqlite
(1/4) Installing ncurses-terminfo-base (6.2_p20210612-r1)
(2/4) Installing ncurses-libs (6.2_p20210612-r1)
(3/4) Installing readline (8.1.0-r0)
(4/4) Installing sqlite (3.35.5-r0)
Executing busybox-1.33.1-r3.trigger
OK: 8 MiB in 19 packages
/home/ory # sqlite3
SQLite version 3.35.5 2021-04-19 18:32:05
Enter ".help" for usage hints.
Connected to a transient in-memory database.
Use ".open FILENAME" to reopen on a persistent database.
sqlite>

That should be done in https://github.com/ory/hydra/blob/a9c8da01b40d31438a15c54e8a86aad611573611/.docker/Dockerfile-sqlite#L13

Line should be:

apk --no-cache --upgrade --latest add ca-certificates sqlite

There is an other problem on consent docker image (oryd/hydra-login-consent-node:v2.0.0-alpha.0.pre.0):

docker-compose -f quickstart.yml up consent
Starting ory_consent_1 ... done
Attaching to ory_consent_1
consent_1        | standard_init_linux.go:228: exec user process caused: exec format error

This is because this image is built for aarch64 instead of x86_64:

docker ps -a | grep db63d3882acd
db63d3882acd   oryd/hydra-login-consent-node:v2.0.0-alpha.0.pre.0   "/bin/busybox"           8 minutes ago    Exited (1) 8 minutes ago                                                                                                                                  ory_consent_run_13c24ab3525d

docker cp db63d3882acd:/bin/busybox - | tar xvf - ; file busybox
busybox
busybox: ELF 64-bit LSB shared object, ARM aarch64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-musl-aarch64.so.1, stripped

Whereas oryd/hydra:latest-sqlite is built for x86-64:

docker ps -a | grep bee7b0355af1
bee7b0355af1   oryd/hydra:latest-sqlite                             "/bin/sh"                33 minutes ago   Exited (0) 26 minutes ago                                                                                                                                ory_hydra-migrate_run_b606ea814a35

docker cp bee7b0355af1:/bin/busybox - | tar xvf - ; file busybox
busybox
busybox: ELF 64-bit LSB shared object, x86-64, version 1 (SYSV), dynamically linked, interpreter /lib/ld-musl-x86_64.so.1, stripped

Changing https://github.com/ory/hydra/blob/a9c8da01b40d31438a15c54e8a86aad611573611/quickstart.yml#L55

by this line seems to fix the issue:

image: oryd/hydra-login-consent-node:latest

[aeneasr]

https://github.com/ory/hydra/pull/3282

[ndr-brt]

Am I wrong or this fix was never relased on the latest-sqlite tag on docker hub? https://hub.docker.com/r/oryd/hydra/tags?page=1&name=sqlite

[vinckr]

I have not checked it but docker images are built from this repo so it should be?